﻿<%@ Page Language="C#" EnableViewState="false" %>
<%@ Implements Interface="Idunno.AntiCsrf.ISuppressCsrfCheck" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Demo Page - Without Protection, excluded via Marker Interface</title>
    <script language="CS" runat="server">
        protected void Page_Load(object sender, EventArgs e)
        {
            if (Request.Cookies != null)
            {
                HttpCookie csrfCookie;
                if (Request.Cookies[Idunno.AntiCsrf.Configuration.CsrfSettings.Settings.CookieName] != null)
                {
                    csrfCookie = Request.Cookies[Idunno.AntiCsrf.Configuration.CsrfSettings.Settings.CookieName];
                    if (csrfCookie != null)
                    {
                        this.theCookie.Text = csrfCookie.Value;
                    }
                }
            }
            this.callingMethod.Text = Request.HttpMethod;
        }

        protected void submit_Click(object sender, EventArgs e)
        {
            // Presumably we're going off to the database here to do something...
            Label1.Text = TextBox1.Text;
        }
    </script>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        HTTP Method: <asp:Label ID="callingMethod" runat="server" /><br />
        CSRF Cookie: <asp:Label ID="theCookie" runat="server" /><br /><br />
        Enter in a value to do something with:
        <asp:TextBox ID="TextBox1" runat="server"></asp:TextBox><br /><br />
        <asp:Label ID="Label1" runat="server"></asp:Label><br /><br />
        <asp:Button ID="submit" text="submit" runat="server" onclick="submit_Click" />
    </div>
    </form>
</body>
</html>
